@dbsc-toolkit/server-express 0.1.0

package/LICENSE

@@ -0,0 +1,132 @@
+Apache License
+Version 2.0, January 2004
+http://www.apache.org/licenses/
+
+TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+1. Definitions.
+
+"License" shall mean the terms and conditions for use, reproduction,
+and distribution as defined by Sections 1 through 9 of this document.
+
+"Licensor" shall mean the copyright owner or entity authorized by
+the copyright owner that is granting the License.
+
+"Legal Entity" shall mean the union of the acting entity and all
+other entities that control, are controlled by, or are under common
+control with that entity.
+
+"You" (or "Your") shall mean an individual or Legal Entity
+exercising permissions granted by this License.
+
+"Source" form shall mean the preferred form for making modifications,
+including but not limited to software source code, documentation
+source, and configuration files.
+
+"Object" form shall mean any form resulting from mechanical
+transformation or translation of a Source form, including but
+not limited to compiled object code, generated documentation,
+and conversions to other media types.
+
+"Work" shall mean the work of authorship made available under
+the License, as indicated by a copyright notice that is included in
+or attached to the work.
+
+"Derivative Works" shall mean any work, whether in Source or Object
+form, that is based on (or derived from) the Work and for which the
+editorial revisions, annotations, elaborations, or other transformations
+represent, as a whole, an original work of authorship.
+
+"Contribution" shall mean any work of authorship, including
+the original version of the Work and any modifications or additions
+to that Work or Derivative Works of the Work, that is intentionally
+submitted to the Licensor for inclusion in the Work by the copyright owner
+or by an individual or Legal Entity authorized to submit on behalf of
+the copyright owner.
+
+"Contributor" shall mean Licensor and any Legal Entity
+on behalf of whom a Contribution has been received by the Licensor and
+subsequently incorporated within the Work.
+
+2. Grant of Copyright License. Subject to the terms and conditions of
+this License, each Contributor hereby grants to You a perpetual,
+worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+copyright license to reproduce, prepare Derivative Works of,
+publicly display, publicly perform, sublicense, and distribute the
+Work and such Derivative Works in Source or Object form.
+
+3. Grant of Patent License. Subject to the terms and conditions of
+this License, each Contributor hereby grants to You a perpetual,
+worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+(except as stated in this section) patent license to make, have made,
+use, offer to sell, sell, import, and otherwise transfer the Work,
+where such license applies only to those patent claims licensable
+by such Contributor that are necessarily infringed by their
+Contribution(s) alone or by the combined work of their Contribution(s)
+with the Work to which such Contribution(s) was submitted.
+
+4. Redistribution. You may reproduce and distribute copies of the
+Work or Derivative Works thereof in any medium, with or without
+modifications, and in Source or Object form, provided that You
+meet the following conditions:
+
+(a) You must give any other recipients of the Work or Derivative Works
+a copy of this License; and
+
+(b) You must cause any modified files to carry prominent notices
+stating that You changed the files; and
+
+(c) You must retain, in the Source form of any Derivative Works
+that You distribute, all copyright, patent, trademark, and
+attribution notices from the Source form of the Work; and
+
+(d) If the Work includes a "NOTICE" text file, you must include a
+readable copy of the attribution notices contained within such NOTICE
+file, in at least one of the following places: within a NOTICE text
+file distributed as part of the Derivative Works; or, within the
+Source form or documentation, if provided along with the Derivative
+Works; or, on a display generated by the Derivative Works.
+
+The "NOTICE" file referenced above refers to a text file that may
+accompany the source form of the Work.
+
+You may add Your own attribution notices within Derivative Works
+that You distribute, alongside or as an addendum to the NOTICE text
+from the Work, provided that such additional attribution notices
+cannot be construed as modifying the License.
+
+You may add Your own license statement for Your modifications and
+may provide additional grant of rights to use, reproduce, or
+distribute Derivative Works, subject to the terms and conditions
+for the Work itself.
+
+5. Submission of Contributions. Unless You explicitly state otherwise,
+any Contribution intentionally submitted for inclusion in the Work
+by You to the Licensor shall be under the terms and conditions of
+this License, without any additional terms or conditions.
+
+6. Trademarks. This License does not grant permission to use the trade
+names, trademarks, service marks, or product names of the Licensor.
+
+7. Disclaimer of Warranty. Unless required by applicable law or
+agreed to in writing, Licensor provides the Work (and each Contributor
+provides its Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES
+OR CONDITIONS OF ANY KIND, either express or implied, including,
+without limitation, any warranties or conditions of TITLE,
+NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE.
+
+8. Limitation of Liability. In no event and under no legal theory,
+whether in tort (including negligence), contract, or otherwise,
+unless required by applicable law (such as deliberate and grossly
+negligent acts) or agreed to in writing, shall any Contributor be
+liable to You for damages, including any direct, indirect, special,
+incidental, or exemplary damages of any character arising as a
+result of this License or out of the use or inability to use the
+Work.
+
+9. Accepting Warranty or Additional Liability. While redistributing
+the Work or Derivative Works thereof, You may choose to offer, and
+charge a fee for, acceptance of support, warranty, indemnity,
+or other liability obligations and/or rights consistent with this License.
+
+END OF TERMS AND CONDITIONS

package/README.md

@@ -0,0 +1,86 @@
+# @dbsc-toolkit/server-express
+
+Express middleware for the DBSC Toolkit. Mounts the registration and refresh routes, parses cookies, exposes session info on `res.locals.dbsc`.
+
+## Install
+
+```sh
+pnpm add @dbsc-toolkit/server-express @dbsc-toolkit/storage-memory cookie-parser
+```
+
+## Usage
+
+```ts
+import express from "express";
+import cookieParser from "cookie-parser";
+import { randomUUID } from "node:crypto";
+import { dbsc } from "@dbsc-toolkit/server-express";
+import { MemoryStorage } from "@dbsc-toolkit/storage-memory";
+import { buildRegistrationHeader, issueChallenge } from "@dbsc-toolkit/core";
+
+const app = express();
+const storage = new MemoryStorage();
+
+app.use(cookieParser());
+app.use(express.json());
+app.use(dbsc({ storage }));
+
+app.post("/login", async (req, res) => {
+  const sessionId = randomUUID();
+  await storage.setSession({
+    id: sessionId,
+    userId: req.body.username,
+    tier: "none",
+    createdAt: Date.now(),
+    expiresAt: Date.now() + 24 * 60 * 60 * 1000,
+  });
+
+  const challenge = await issueChallenge(sessionId, storage);
+  const header = buildRegistrationHeader({
+    refreshPath: "/dbsc/registration",
+    challenge: challenge.jti,
+  });
+  res.setHeader("Secure-Session-Registration", header);
+  res.setHeader("Sec-Session-Registration", header);
+
+  res.cookie("__Host-dbsc-reg", sessionId, {
+    httpOnly: true, secure: true, sameSite: "lax", path: "/",
+    maxAge: 24 * 60 * 60 * 1000,
+  });
+  res.cookie("__Host-dbsc-challenge", challenge.jti, {
+    httpOnly: true, secure: true, sameSite: "lax", path: "/",
+    maxAge: 5 * 60 * 1000,
+  });
+
+  res.json({ ok: true });
+});
+
+app.get("/me", (req, res) => {
+  const { sessionId, tier } = res.locals.dbsc;
+  if (!sessionId) return res.status(401).end();
+  res.json({ sessionId, tier });
+});
+```
+
+The middleware automatically handles `POST /dbsc/registration` and `POST /dbsc/refresh`. Chrome drives both — your application code never sees those requests.
+
+## Options
+
+```ts
+dbsc({
+  storage,
+  secure: true,                       // default. Disable for HTTP local dev (drops __Host- prefix)
+  registrationPath: "/dbsc/registration",
+  refreshPath: "/dbsc/refresh",
+  boundCookieTtl: 10 * 60 * 1000,     // bound cookie lifetime in ms
+  registrationCookieTtl: 24 * 60 * 60 * 1000,
+  rateLimiter: customRateLimiter,
+  onEvent: (event) => { ... },
+});
+```
+
+See the [main README](https://github.com/SulimanAbdulrazzaq/DBSC#readme) for the full picture.
+
+## License
+
+Apache-2.0

package/dist/index.d.ts

@@ -0,0 +1,20 @@
+import type { RequestHandler } from "express";
+import { type DbscOptions, type ProtectionTier } from "@dbsc-toolkit/core";
+export interface DbscExpressOptions extends DbscOptions {
+    secure?: boolean;
+}
+export interface DbscLocals {
+    sessionId: string | null;
+    tier: ProtectionTier;
+    revoke: () => Promise<void>;
+    requireBound: () => void;
+}
+declare global {
+    namespace Express {
+        interface Locals {
+            dbsc: DbscLocals;
+        }
+    }
+}
+export declare function dbsc(opts: DbscExpressOptions): RequestHandler;
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAmC,cAAc,EAAE,MAAM,SAAS,CAAC;AAE/E,OAAO,EAgBL,KAAK,WAAW,EAEhB,KAAK,cAAc,EACpB,MAAM,oBAAoB,CAAC;AAW5B,MAAM,WAAW,kBAAmB,SAAQ,WAAW;IACrD,MAAM,CAAC,EAAE,OAAO,CAAC;CAClB;AAED,MAAM,WAAW,UAAU;IACzB,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,IAAI,EAAE,cAAc,CAAC;IACrB,MAAM,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;IAC5B,YAAY,EAAE,MAAM,IAAI,CAAC;CAC1B;AAED,OAAO,CAAC,MAAM,CAAC;IACb,UAAU,OAAO,CAAC;QAChB,UAAU,MAAM;YACd,IAAI,EAAE,UAAU,CAAC;SAClB;KACF;CACF;AAsBD,wBAAgB,IAAI,CAAC,IAAI,EAAE,kBAAkB,GAAG,cAAc,CAwM7D"}

package/dist/index.js

@@ -0,0 +1,191 @@
+import { randomBytes as nodeRandomBytes } from "node:crypto";
+import { handleRegistration, handleRefresh, issueChallenge, buildChallengeHeader, readSessionResponseHeader, CHALLENGE_HEADER, LEGACY_CHALLENGE_HEADER, NoopRateLimiter, emit, DbscProtocolError, DbscVerificationError, } from "@dbsc-toolkit/core";
+const cookieNames = (secure) => ({
+    bound: secure ? "__Host-dbsc-session" : "dbsc-session",
+    reg: secure ? "__Host-dbsc-reg" : "dbsc-reg",
+    challenge: secure ? "__Host-dbsc-challenge" : "dbsc-challenge",
+});
+const DEFAULT_BOUND_TTL = 10 * 60 * 1000;
+const DEFAULT_REG_TTL = 24 * 60 * 60 * 1000;
+function cookieOpts(ttlMs, secure) {
+    return {
+        httpOnly: true,
+        secure,
+        sameSite: "lax",
+        maxAge: ttlMs / 1000,
+        path: "/",
+    };
+}
+function serializeCookie(name, value, opts) {
+    const parts = [`${name}=${value}`];
+    parts.push("HttpOnly");
+    if (opts.secure)
+        parts.push("Secure");
+    parts.push(`SameSite=${opts.sameSite}`);
+    parts.push(`Max-Age=${opts.maxAge}`);
+    parts.push(`Path=${opts.path}`);
+    return parts.join("; ");
+}
+export function dbsc(opts) {
+    const { storage, fallback = "webauthn", registrationPath = "/dbsc/registration", refreshPath = "/dbsc/refresh", boundCookieTtl = DEFAULT_BOUND_TTL, registrationCookieTtl = DEFAULT_REG_TTL, rateLimiter = new NoopRateLimiter(), onEvent, secure = true, } = opts;
+    const hmacSecret = nodeRandomBytes(32);
+    const COOKIES = cookieNames(secure);
+    async function handleRegistrationRoute(req, res) {
+        const ip = req.ip ?? "unknown";
+        const allowed = await rateLimiter.checkRegistration(ip);
+        if (!allowed) {
+            res.status(429).json({ error: "rate limited" });
+            return;
+        }
+        const sessionId = req.cookies?.[COOKIES.reg];
+        const expectedJti = req.cookies?.[COOKIES.challenge];
+        if (!sessionId || !expectedJti) {
+            res.status(400).json({ error: "missing session or challenge cookie" });
+            return;
+        }
+        try {
+            await handleRegistration({
+                sessionId,
+                secSessionResponseHeader: readSessionResponseHeader(req.headers),
+                expectedJti,
+            }, storage);
+            const session = await storage.getSession(sessionId);
+            if (session) {
+                await storage.setSession({ ...session, tier: "dbsc" });
+            }
+            emit(onEvent, {
+                type: "registration",
+                sessionId,
+                tier: "dbsc",
+                timestamp: Date.now(),
+                algorithm: "ES256",
+                ip,
+            });
+            res.setHeader("Set-Cookie", [
+                serializeCookie(COOKIES.bound, sessionId, cookieOpts(boundCookieTtl, secure)),
+                serializeCookie(COOKIES.challenge, "", { ...cookieOpts(0, secure), maxAge: 0 }),
+            ]);
+            res.status(204).end();
+        }
+        catch (err) {
+            await rateLimiter.recordFailure(ip, sessionId);
+            if (err instanceof DbscVerificationError || err instanceof DbscProtocolError) {
+                emit(onEvent, {
+                    type: "verification_failure",
+                    sessionId,
+                    tier: "dbsc",
+                    timestamp: Date.now(),
+                    reason: err.code,
+                    ip,
+                });
+                res.status(400).json({ error: err.message });
+                return;
+            }
+            throw err;
+        }
+    }
+    async function handleRefreshRoute(req, res) {
+        const ip = req.ip ?? "unknown";
+        const sessionId = req.cookies?.[COOKIES.bound];
+        if (!sessionId) {
+            res.status(401).json({ error: "no session" });
+            return;
+        }
+        const allowed = await rateLimiter.checkRefresh(ip, sessionId);
+        if (!allowed) {
+            res.status(429).json({ error: "rate limited" });
+            return;
+        }
+        const responseHeader = readSessionResponseHeader(req.headers);
+        if (!responseHeader) {
+            const challenge = await issueChallenge(sessionId, storage);
+            res.setHeader(CHALLENGE_HEADER, buildChallengeHeader(challenge.jti));
+            res.setHeader(LEGACY_CHALLENGE_HEADER, buildChallengeHeader(challenge.jti));
+            res.setHeader("Set-Cookie", serializeCookie(COOKIES.challenge, challenge.jti, cookieOpts(5 * 60 * 1000, secure)));
+            res.status(403).end();
+            return;
+        }
+        const expectedJti = req.cookies?.[COOKIES.challenge];
+        if (!expectedJti) {
+            res.status(400).json({ error: "missing challenge cookie" });
+            return;
+        }
+        try {
+            await handleRefresh({ sessionId, secSessionResponseHeader: responseHeader, expectedJti }, storage);
+            emit(onEvent, {
+                type: "refresh",
+                sessionId,
+                tier: "dbsc",
+                timestamp: Date.now(),
+                ip,
+            });
+            res.setHeader("Set-Cookie", [
+                serializeCookie(COOKIES.bound, sessionId, cookieOpts(boundCookieTtl, secure)),
+                serializeCookie(COOKIES.challenge, "", { ...cookieOpts(0, secure), maxAge: 0 }),
+            ]);
+            res.status(204).end();
+        }
+        catch (err) {
+            await rateLimiter.recordFailure(ip, sessionId);
+            const stolenCheck = await storage.getBoundKey(sessionId);
+            if (stolenCheck) {
+                emit(onEvent, {
+                    type: "session_stolen",
+                    sessionId,
+                    tier: "dbsc",
+                    timestamp: Date.now(),
+                    ip,
+                });
+            }
+            if (err instanceof DbscVerificationError || err instanceof DbscProtocolError) {
+                emit(onEvent, {
+                    type: "verification_failure",
+                    sessionId,
+                    tier: "dbsc",
+                    timestamp: Date.now(),
+                    reason: err.code,
+                    ip,
+                });
+                res.status(401).json({ error: err.message });
+                return;
+            }
+            throw err;
+        }
+    }
+    return async (req, res, next) => {
+        if (req.method === "POST" && req.path === registrationPath) {
+            await handleRegistrationRoute(req, res);
+            return;
+        }
+        if (req.method === "POST" && req.path === refreshPath) {
+            await handleRefreshRoute(req, res);
+            return;
+        }
+        const sessionId = req.cookies?.[COOKIES.bound];
+        res.locals.dbsc = {
+            sessionId: sessionId ?? null,
+            tier: "none",
+            revoke: async () => {
+                if (sessionId)
+                    await storage.revokeSession(sessionId);
+                res.setHeader("Set-Cookie", [
+                    serializeCookie(COOKIES.bound, "", { ...cookieOpts(0, secure), maxAge: 0 }),
+                ]);
+            },
+            requireBound: () => {
+                if (!sessionId) {
+                    res.status(401).json({ error: "authentication required" });
+                    throw new Error("unauthenticated");
+                }
+            },
+        };
+        if (sessionId) {
+            const session = await storage.getSession(sessionId);
+            if (session) {
+                res.locals.dbsc.tier = session.tier;
+            }
+        }
+        next();
+    };
+}
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,WAAW,IAAI,eAAe,EAAE,MAAM,aAAa,CAAC;AAC7D,OAAO,EACL,kBAAkB,EAClB,aAAa,EACb,cAAc,EAEd,oBAAoB,EACpB,yBAAyB,EAEzB,gBAAgB,EAEhB,uBAAuB,EACvB,eAAe,EACf,IAAI,EACJ,iBAAiB,EACjB,qBAAqB,GAKtB,MAAM,oBAAoB,CAAC;AAE5B,MAAM,WAAW,GAAG,CAAC,MAAe,EAAE,EAAE,CAAC,CAAC;IACxC,KAAK,EAAE,MAAM,CAAC,CAAC,CAAC,qBAAqB,CAAC,CAAC,CAAC,cAAc;IACtD,GAAG,EAAE,MAAM,CAAC,CAAC,CAAC,iBAAiB,CAAC,CAAC,CAAC,UAAU;IAC5C,SAAS,EAAE,MAAM,CAAC,CAAC,CAAC,uBAAuB,CAAC,CAAC,CAAC,gBAAgB;CAC/D,CAAC,CAAC;AAEH,MAAM,iBAAiB,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;AACzC,MAAM,eAAe,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;AAqB5C,SAAS,UAAU,CAAC,KAAa,EAAE,MAAe;IAChD,OAAO;QACL,QAAQ,EAAE,IAAI;QACd,MAAM;QACN,QAAQ,EAAE,KAAc;QACxB,MAAM,EAAE,KAAK,GAAG,IAAI;QACpB,IAAI,EAAE,GAAG;KACV,CAAC;AACJ,CAAC;AAED,SAAS,eAAe,CAAC,IAAY,EAAE,KAAa,EAAE,IAAmC;IACvF,MAAM,KAAK,GAAG,CAAC,GAAG,IAAI,IAAI,KAAK,EAAE,CAAC,CAAC;IACnC,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IACvB,IAAI,IAAI,CAAC,MAAM;QAAE,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IACtC,KAAK,CAAC,IAAI,CAAC,YAAY,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC;IACxC,KAAK,CAAC,IAAI,CAAC,WAAW,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;IACrC,KAAK,CAAC,IAAI,CAAC,QAAQ,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC;IAChC,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED,MAAM,UAAU,IAAI,CAAC,IAAwB;IAC3C,MAAM,EACJ,OAAO,EACP,QAAQ,GAAG,UAAU,EACrB,gBAAgB,GAAG,oBAAoB,EACvC,WAAW,GAAG,eAAe,EAC7B,cAAc,GAAG,iBAAiB,EAClC,qBAAqB,GAAG,eAAe,EACvC,WAAW,GAAG,IAAI,eAAe,EAAE,EACnC,OAAO,EACP,MAAM,GAAG,IAAI,GACd,GAAG,IAAI,CAAC;IAET,MAAM,UAAU,GAAG,eAAe,CAAC,EAAE,CAAC,CAAC;IACvC,MAAM,OAAO,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;IAEpC,KAAK,UAAU,uBAAuB,CAAC,GAAY,EAAE,GAAa;QAChE,MAAM,EAAE,GAAG,GAAG,CAAC,EAAE,IAAI,SAAS,CAAC;QAC/B,MAAM,OAAO,GAAG,MAAM,WAAW,CAAC,iBAAiB,CAAC,EAAE,CAAC,CAAC;QACxD,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,cAAc,EAAE,CAAC,CAAC;YAChD,OAAO;QACT,CAAC;QAED,MAAM,SAAS,GAAG,GAAG,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,GAAG,CAAuB,CAAC;QACnE,MAAM,WAAW,GAAG,GAAG,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,SAAS,CAAuB,CAAC;QAE3E,IAAI,CAAC,SAAS,IAAI,CAAC,WAAW,EAAE,CAAC;YAC/B,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,qCAAqC,EAAE,CAAC,CAAC;YACvE,OAAO;QACT,CAAC;QAED,IAAI,CAAC;YACH,MAAM,kBAAkB,CACtB;gBACE,SAAS;gBACT,wBAAwB,EAAE,yBAAyB,CAAC,GAAG,CAAC,OAAwD,CAAC;gBACjH,WAAW;aACZ,EACD,OAAO,CACR,CAAC;YAEF,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC;YACpD,IAAI,OAAO,EAAE,CAAC;gBACZ,MAAM,OAAO,CAAC,UAAU,CAAC,EAAE,GAAG,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC,CAAC;YACzD,CAAC;YAED,IAAI,CAAC,OAAO,EAAE;gBACZ,IAAI,EAAE,cAAc;gBACpB,SAAS;gBACT,IAAI,EAAE,MAAM;gBACZ,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;gBACrB,SAAS,EAAE,OAAO;gBAClB,EAAE;aACH,CAAC,CAAC;YAEH,GAAG,CAAC,SAAS,CAAC,YAAY,EAAE;gBAC1B,eAAe,CAAC,OAAO,CAAC,KAAK,EAAE,SAAS,EAAE,UAAU,CAAC,cAAc,EAAE,MAAM,CAAC,CAAC;gBAC7E,eAAe,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,EAAE,EAAE,GAAG,UAAU,CAAC,CAAC,EAAE,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,CAAC;aAChF,CAAC,CAAC;YACH,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;QACxB,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,WAAW,CAAC,aAAa,CAAC,EAAE,EAAE,SAAS,CAAC,CAAC;YAE/C,IAAI,GAAG,YAAY,qBAAqB,IAAI,GAAG,YAAY,iBAAiB,EAAE,CAAC;gBAC7E,IAAI,CAAC,OAAO,EAAE;oBACZ,IAAI,EAAE,sBAAsB;oBAC5B,SAAS;oBACT,IAAI,EAAE,MAAM;oBACZ,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;oBACrB,MAAM,EAAE,GAAG,CAAC,IAAI;oBAChB,EAAE;iBACH,CAAC,CAAC;gBACH,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;gBAC7C,OAAO;YACT,CAAC;YACD,MAAM,GAAG,CAAC;QACZ,CAAC;IACH,CAAC;IAED,KAAK,UAAU,kBAAkB,CAAC,GAAY,EAAE,GAAa;QAC3D,MAAM,EAAE,GAAG,GAAG,CAAC,EAAE,IAAI,SAAS,CAAC;QAC/B,MAAM,SAAS,GAAG,GAAG,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,KAAK,CAAuB,CAAC;QAErE,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,YAAY,EAAE,CAAC,CAAC;YAC9C,OAAO;QACT,CAAC;QAED,MAAM,OAAO,GAAG,MAAM,WAAW,CAAC,YAAY,CAAC,EAAE,EAAE,SAAS,CAAC,CAAC;QAC9D,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,cAAc,EAAE,CAAC,CAAC;YAChD,OAAO;QACT,CAAC;QAED,MAAM,cAAc,GAAG,yBAAyB,CAAC,GAAG,CAAC,OAAwD,CAAC,CAAC;QAE/G,IAAI,CAAC,cAAc,EAAE,CAAC;YACpB,MAAM,SAAS,GAAG,MAAM,cAAc,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;YAC3D,GAAG,CAAC,SAAS,CAAC,gBAAgB,EAAE,oBAAoB,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC;YACrE,GAAG,CAAC,SAAS,CAAC,uBAAuB,EAAE,oBAAoB,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC;YAC5E,GAAG,CAAC,SAAS,CACX,YAAY,EACZ,eAAe,CAAC,OAAO,CAAC,SAAS,EAAE,SAAS,CAAC,GAAG,EAAE,UAAU,CAAC,CAAC,GAAG,EAAE,GAAG,IAAI,EAAE,MAAM,CAAC,CAAC,CACrF,CAAC;YACF,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;YACtB,OAAO;QACT,CAAC;QAED,MAAM,WAAW,GAAG,GAAG,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,SAAS,CAAuB,CAAC;QAC3E,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,0BAA0B,EAAE,CAAC,CAAC;YAC5D,OAAO;QACT,CAAC;QAED,IAAI,CAAC;YACH,MAAM,aAAa,CAAC,EAAE,SAAS,EAAE,wBAAwB,EAAE,cAAc,EAAE,WAAW,EAAE,EAAE,OAAO,CAAC,CAAC;YAEnG,IAAI,CAAC,OAAO,EAAE;gBACZ,IAAI,EAAE,SAAS;gBACf,SAAS;gBACT,IAAI,EAAE,MAAM;gBACZ,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;gBACrB,EAAE;aACH,CAAC,CAAC;YAEH,GAAG,CAAC,SAAS,CAAC,YAAY,EAAE;gBAC1B,eAAe,CAAC,OAAO,CAAC,KAAK,EAAE,SAAS,EAAE,UAAU,CAAC,cAAc,EAAE,MAAM,CAAC,CAAC;gBAC7E,eAAe,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,EAAE,EAAE,GAAG,UAAU,CAAC,CAAC,EAAE,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,CAAC;aAChF,CAAC,CAAC;YACH,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;QACxB,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,WAAW,CAAC,aAAa,CAAC,EAAE,EAAE,SAAS,CAAC,CAAC;YAE/C,MAAM,WAAW,GAAG,MAAM,OAAO,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC;YACzD,IAAI,WAAW,EAAE,CAAC;gBAChB,IAAI,CAAC,OAAO,EAAE;oBACZ,IAAI,EAAE,gBAAgB;oBACtB,SAAS;oBACT,IAAI,EAAE,MAAM;oBACZ,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;oBACrB,EAAE;iBACH,CAAC,CAAC;YACL,CAAC;YAED,IAAI,GAAG,YAAY,qBAAqB,IAAI,GAAG,YAAY,iBAAiB,EAAE,CAAC;gBAC7E,IAAI,CAAC,OAAO,EAAE;oBACZ,IAAI,EAAE,sBAAsB;oBAC5B,SAAS;oBACT,IAAI,EAAE,MAAM;oBACZ,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;oBACrB,MAAM,EAAG,GAA6B,CAAC,IAAI;oBAC3C,EAAE;iBACH,CAAC,CAAC;gBACH,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;gBAC7C,OAAO;YACT,CAAC;YACD,MAAM,GAAG,CAAC;QACZ,CAAC;IACH,CAAC;IAED,OAAO,KAAK,EAAE,GAAY,EAAE,GAAa,EAAE,IAAkB,EAAiB,EAAE;QAC9E,IAAI,GAAG,CAAC,MAAM,KAAK,MAAM,IAAI,GAAG,CAAC,IAAI,KAAK,gBAAgB,EAAE,CAAC;YAC3D,MAAM,uBAAuB,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;YACxC,OAAO;QACT,CAAC;QAED,IAAI,GAAG,CAAC,MAAM,KAAK,MAAM,IAAI,GAAG,CAAC,IAAI,KAAK,WAAW,EAAE,CAAC;YACtD,MAAM,kBAAkB,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;YACnC,OAAO;QACT,CAAC;QAED,MAAM,SAAS,GAAG,GAAG,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,KAAK,CAAuB,CAAC;QAErE,GAAG,CAAC,MAAM,CAAC,IAAI,GAAG;YAChB,SAAS,EAAE,SAAS,IAAI,IAAI;YAC5B,IAAI,EAAE,MAAM;YACZ,MAAM,EAAE,KAAK,IAAI,EAAE;gBACjB,IAAI,SAAS;oBAAE,MAAM,OAAO,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC;gBACtD,GAAG,CAAC,SAAS,CAAC,YAAY,EAAE;oBAC1B,eAAe,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,EAAE,EAAE,GAAG,UAAU,CAAC,CAAC,EAAE,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,CAAC;iBAC5E,CAAC,CAAC;YACL,CAAC;YACD,YAAY,EAAE,GAAG,EAAE;gBACjB,IAAI,CAAC,SAAS,EAAE,CAAC;oBACf,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,yBAAyB,EAAE,CAAC,CAAC;oBAC3D,MAAM,IAAI,KAAK,CAAC,iBAAiB,CAAC,CAAC;gBACrC,CAAC;YACH,CAAC;SACF,CAAC;QAEF,IAAI,SAAS,EAAE,CAAC;YACd,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC;YACpD,IAAI,OAAO,EAAE,CAAC;gBACZ,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;YACtC,CAAC;QACH,CAAC;QAED,IAAI,EAAE,CAAC;IACT,CAAC,CAAC;AACJ,CAAC"}

package/package.json

@@ -0,0 +1,59 @@
+{
+  "name": "@dbsc-toolkit/server-express",
+  "version": "0.1.0",
+  "description": "Express middleware for DBSC Toolkit",
+  "type": "module",
+  "main": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "exports": {
+    ".": {
+      "import": "./dist/index.js",
+      "types": "./dist/index.d.ts"
+    }
+  },
+  "dependencies": {
+    "cookie": "^0.6.0",
+    "@dbsc-toolkit/core": "0.1.0"
+  },
+  "peerDependencies": {
+    "express": ">=4.0.0"
+  },
+  "devDependencies": {
+    "@types/cookie": "^0.6.0",
+    "@types/express": "^4.17.0",
+    "@types/node": "^20.0.0",
+    "express": "^4.19.0",
+    "typescript": "^5.4.0",
+    "vitest": "^1.6.0"
+  },
+  "files": [
+    "dist",
+    "README.md"
+  ],
+  "license": "Apache-2.0",
+  "homepage": "https://github.com/SulimanAbdulrazzaq/dbsc-toolkit#readme",
+  "bugs": {
+    "url": "https://github.com/SulimanAbdulrazzaq/dbsc-toolkit/issues"
+  },
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/SulimanAbdulrazzaq/dbsc-toolkit.git",
+    "directory": "packages/server-express"
+  },
+  "publishConfig": {
+    "access": "public"
+  },
+  "keywords": [
+    "dbsc",
+    "express",
+    "middleware",
+    "session",
+    "security",
+    "auth"
+  ],
+  "scripts": {
+    "build": "tsc -p tsconfig.json",
+    "test": "vitest run --passWithNoTests",
+    "clean": "rm -rf dist"
+  }
+}